Dropbear 0.50 scp problem. Most probably related to uclibc

Jacques Verryn jacques at digidruid.com
Fri Feb 8 23:44:36 WST 2008


On Feb 5, 2008 11:49 PM, Rob Landley <rob at landley.net> wrote:

> On Tuesday 05 February 2008 10:13:13 Jacques Verryn wrote:
> > The crux of the problem is if I scp a file from my desktop linux pc to the
> > gumstix, the resulting file on the gumstix has zero file length.
> > The common denominator in the above posts and in my case, is uclibc.
> > I upgraded from dropbear 0.48.1 to 0.50 due to the scp hang error that was
> > fixed by extensive reworking of the common-channel.c code.
> > I'm working on a production level project and can unfortunately not trade
> > scp functionality versus the occasional session hang.
> >
> > Any ideas???
>
> Run "./dropbear -F -E" under strace, and then do your scp to it with stderr
> captured to a log file.  (Via serial console if necessary.)
>
> At a guess, some call to libc is returning an error that aborts the write.
> Figure out _where_ the write stops, and you're halfway to figuring out why.
>
> Rob
> --
> "One of my most productive days was throwing away 1000 lines of code."
>  - Ken Thompson.
>
>
>
I ran strace -fF dropbear -F. I then scp'd a file (small.txt) containing
'hello world\n' and saw the following:

<--- trace snip ----->
[pid  6696] stat64("./small.txt", {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
[pid  6696] open("./small.txt", O_WRONLY|O_CREAT|O_LARGEFILE, 0644) = 3
[pid  6696] write(1, "\0", 1 <unfinished ...>
[pid  6694] <... select resumed> )      = 1 (in [10], left {299, 640000})
[pid  6696] <... write resumed> )       = 1
[pid  6694] gettimeofday( <unfinished ...>
[pid  6696] read(0,  <unfinished ...>
[pid  6694] <... gettimeofday resumed> {4920, 971917}, NULL) = 0
[pid  6694] read(10, "\0", 16375)       = 1
[pid  6694] select(13, [4 6 10 12], [6], NULL, {300, 0}) = 1 (out [6], left {300, 0})
[pid  6694] gettimeofday({4920, 978769}, NULL) = 0
[pid  6694] write(6, "s\266?\251(\210b\337\376\247\207D\203p\354\37\201\315i"..., 48) = 48
[pid  6694] gettimeofday({4920, 983486}, NULL) = 0
[pid  6694] select(13, [4 6 10 12], [], NULL, {300, 0}) = 1 (in [6], left {300, 0})
[pid  6694] gettimeofday({4920, 988049}, NULL) = 0
[pid  6694] read(6, "s\273\227(D\r(\243\251\276\215\32~\233\226\306", 16) = 16
[pid  6694] read(6, "\312\333!d\3324\32\324\356\347\262\365A/k\301\32\205\371"..., 32) = 32
[pid  6694] select(13, [4 6 10 12], [9], NULL, {300, 0}) = 2 (in [6], out [9], left {300, 0})
[pid  6694] gettimeofday({4920, 996866}, NULL) = 0
[pid  6694] read(6, "\373r\306\275\16\272\360d\16$j\336|\34V\266", 16) = 16
[pid  6694] read(6, "\241y\256\0252N\226\365\'z79\270=\30E\253h\260.\267\2\261"..., 32) = 32
[pid  6694] write(9, "hello world\n\0", 13) = 13
[pid  6694] select(13, [4 6 10 12], [], NULL, {300, 0} <unfinished ...>
[pid  6696] <... read resumed> "hello world\n", 12) = 12
[pid  6696] write(3, "hello world\n", 12) = 12
[pid  6696] ftruncate64(3, 51539607552) = 0
[pid  6696] close(3)                    = 0
[pid  6696] read(0, "\0", 1)            = 1
[pid  6696] write(1, "\0", 1 <unfinished ...>
</---trace snip ---->

The size parameter of the ftruncate64 call is WAY wrong!
Doing the same with dropbear 0.48.1 yields the following trace:

<--- trace snip ----->
[pid  6710] write(7, "hello world\n\0", 13) = 13
[pid  6710] select(11, [6 8 10], [], NULL, {20, 0} <unfinished ...>
[pid  6712] <... read resumed> "hello world\n", 12) = 12
[pid  6712] write(3, "hello world\n", 12) = 12
[pid  6712] ftruncate(3, 12)            = 0
[pid  6712] close(3)
</--- trace snip ----->

My first observation is that 0.48 uses ftruncate instead of ftruncate64, and
secondly the size parameter is correct.
The code in scp.c (lines 1032-1041) that is involved with the write and then
ftruncate is:
<code>
        if (count != 0 && wrerr == NO &&
            atomicio(vwrite, ofd, bp->buf, count) != count) {
            wrerr = YES;
            wrerrno = errno;
        }

        if (wrerr == NO && ftruncate(ofd, size) != 0) {
             run_err("%s: truncate: %s", np, strerror(errno));
             wrerr = DISPLAYED;
        }
</code>
This code has not changed in a while. I also verified that 'size' has the
correct value just before the ftruncate.

I'm starting to suspect a compiler flag / package config issue.

I'm going to fiddle a bit more, but this is what I have at the moment.
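
Added example, not part of the original post and not Dropbear code: a Python check that replays the file-writing syscalls from the two traces above (reproduced inline as constructed sample input) and compares each ftruncate length with the bytes written to that descriptor. It assumes the `strace -f` line format shown in the post; the function and variable names are hypothetical.

```python
import re

# Constructed sample input: the file-writing syscalls from the two traces in the post.
TRACE_050 = """\
[pid  6696] open("./small.txt", O_WRONLY|O_CREAT|O_LARGEFILE, 0644) = 3
[pid  6696] write(3, "hello world\\n", 12) = 12
[pid  6696] ftruncate64(3, 51539607552) = 0
[pid  6696] close(3)                    = 0
"""
TRACE_048 = """\
[pid  6712] write(3, "hello world\\n", 12) = 12
[pid  6712] ftruncate(3, 12)            = 0
"""

OPEN = re.compile(r'\[pid\s+(\d+)\] open\(.*\) = (\d+)$')
WRITE = re.compile(r'\[pid\s+(\d+)\] write\((\d+), .*\) = (\d+)$')
TRUNC = re.compile(r'\[pid\s+(\d+)\] (ftruncate(?:64)?)\((\d+), (\d+)\)\s+= 0$')

def check_truncates(trace):
    """Return one (call, length, bytes_written, verdict) tuple per ftruncate call."""
    written = {}      # (pid, fd) -> bytes written since the fd was opened
    findings = []
    for line in trace.splitlines():
        line = line.rstrip()
        if m := OPEN.match(line):
            written[(m[1], m[2])] = 0
        elif m := WRITE.match(line):
            key = (m[1], m[2])
            written[key] = written.get(key, 0) + int(m[3])
        elif m := TRUNC.match(line):
            length, expect = int(m[4]), written.get((m[1], m[3]), 0)
            if length == expect:
                verdict = "ok"
            elif length & 0xFFFFFFFF == 0 and length >> 32 == expect:
                # The expected size sits in the upper 32 bits of the 64-bit offset.
                verdict = "size in high 32-bit word"
            else:
                verdict = "mismatch"
            findings.append((m[2], length, expect, verdict))
    return findings

if __name__ == "__main__":
    for name, trace in (("0.50", TRACE_050), ("0.48.1", TRACE_048)):
        for finding in check_truncates(trace):
            print(name, finding)
```

For the 0.50 trace the check reports that 51539607552 is exactly 12 << 32, so the 12-byte size appears in the upper half of the 64-bit length with the lower half zero.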